Try our new research platform with insights from 80,000+ expert users

Microsoft Sentinel vs Oracle Security Monitoring and Analytics Cloud Service comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Sentinel
Ranking in Security Information and Event Management (SIEM)
3rd
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
97
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (4th), AI-Powered Cybersecurity Platforms (5th)
Oracle Security Monitoring ...
Ranking in Security Information and Event Management (SIEM)
53rd
Average Rating
7.0
Reviews Sentiment
8.5
Number of Reviews
1
Ranking in other categories
User Entity Behavior Analytics (UEBA) (25th)
 

Mindshare comparison

As of June 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Microsoft Sentinel is 7.1%, down from 8.8% compared to the previous year. The mindshare of Oracle Security Monitoring and Analytics Cloud Service is 0.4%, down from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Ivan Angelov - PeerSpot reviewer
Threat detection and response capabilities enhance investigation processes
My security team has been using Microsoft Sentinel for around two years. We also have Bastion and SolarWinds as part of our monitoring tools. We use a three-way tool, alongside Microsoft Sentinel, in our environment The most valuable features for us include threat collection, threat detection,…
IB
Easy to install, highly secure standards, and reliable
We use Oracle Security Monitoring and Analytics Cloud Service for security information, event management, and analytics. This has helped eliminate any external network attacks The security level that they are maintaining with the pre-authentication keys is very good. They are following the global…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The product can integrate with any device."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"Microsoft Sentinel's ability to correlate data from multiple sources has improved our capability significantly."
"The security level that they are maintaining with the pre-authentication keys is very good."
 

Cons

"We'd like to see more connectors."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"The solution could be more user-friendly; some query languages are required to operate it."
"I think the number one area of improvement for Sentinel would be the cost."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The playbook is a bit difficult and could be improved."
"The solution could improve by providing better documentation for beginners to learn, such as videos or other tutorials."
 

Pricing and Cost Advice

"Microsoft Sentinel is expensive."
"The pay-as-you-go model is beneficial to customers."
"I don't know yet because they gave us a 30-day test window for free."
"The price is reasonable because Sentinel includes features like user behavior analytics and SOAR that are typically sold separately. Overall, a standalone on-prem solution would require some high-end servers, and there's a different cost. It is a cloud-based solution, so there are backend cloud computing costs, but they are negligible."
"The solution is expensive and there is a daily usage fee."
"Sentinel is a pay-as-you-go solution. To use it, you need a Log Analytics workspace. This is where the logs are stored and the cost of Log Analytics is based on gigabytes... On top of that, there is the cost of Sentinel, which is about €2 per gigabyte. If a customer has an M365 E5 license, the logs that come from Microsoft Defender are free."
"Sentinel can be expensive. When you ingest data from sources that are outside of the cloud, you're paying a fair amount for that data ingestion. When you're ingesting data sources from within the cloud, depending on what your retention periods are, it's not that expensive."
"Sentinel's price is comparable to pretty much everything out there. None of it is cheap, but we didn't think we could save money by going a different route. Sentinel was part of our Azure expenditures, so it was easier to add the expense instead of having a completely separate vendor."
"The solution is not expensive for the data security measure you receive, it is reasonable."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
856,873 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
11%
Manufacturing Company
8%
Government
8%
Financial Services Firm
18%
Computer Software Company
12%
Government
7%
Real Estate/Law Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
Ask a question
Earn 20 points
 

Also Known As

Azure Sentinel
SMA Cloud Service
 

Overview

 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Information Not Available
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: June 2025.
856,873 professionals have used our research since 2012.